RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Kaspersky IoT Secure Gateway

Product
The name of the base system (platform): KasperskyOS
Developers: Research and Production Association Adaptive Industrial Technologies (Aprotech), Kaspersky Kaspersky
Date of the premiere of the system: 2020/04/01
Technology: Information Security - Antiviruses,  Information Security - Firewalls,  Internet of Things Internet of Things (IoT)

Content

The main articles are:

The initially secure gateways of Kaspersky IoT Secure Gateway are components of the Kaspersky IoT Infrastructure Security solution.

In general, Kaspersky IoT Secure Gateway is a operating system KasperskyOS pre-configured application set. software

2021

KISG 100 и KISG 1000

As of July 2021, the KISG line consists of Kaspersky IoT Secure Gateway 100 (KISG 100) and Kaspersky IoT Secure Gateway 1000 (KISG 1000). Both gateways operate under the control of a specialized one. operating system KasperskyOS

KISG 100 is the first cyber-immune gateway on the market from Kaspersky Lab. It is designed for the industrial Internet of Things. It was developed jointly with a subsidiary of Kaspersky Lab - Aprotech.

The device is built on the Siemens Simatic IOT2040 hardware platform. The gateway collects a large amount of previously unavailable information generated by IIoT devices, which allows it to be used for machine learning, predictive analysis and the creation of digital twins. KISG 100 does not allow access to equipment from the outside, since it acts as a data diode, skipping data in only one direction. For processing and analysis, information is transferred to cloud platforms.

KISG 1000 is a gateway with native security and built-in security for the entire IoT infrastructure. Kaspersky IoT Secure Gateway is designed to be installed on an embedded computer of the Advantech UTX-3117-S6A1N model.

The device aggregates data, converts it, and securely transfers data to private or public clouds. Thanks to the ability to work with several cloud platforms using the MQTT protocol, it can be used both in industry and in other industries.

The KISG 1000 not only collects, checks and distributes telemetry, but also transmits control commands received over the MQTT to the devices. The gateway has built-in security features: detection and classification of devices on the network, registration of security events in IoT systems and protection against network attacks (IDS/IPS). All gateway events are centrally managed and monitored through the Kaspersky Security Center platform .

Kaspersky IoT Secure Gateway is designed to work as a secure gateway Internet of things (Internet of Things) in the organization's network.

For July 2021 Kaspersky IoT , Secure Gateway 1000 performs the following functions:

  • Receives, checks, and distributes MQTT messages from sensors and other devices.
  • Logs system and network security events.
  • Detects devices on your organization's internal network.
  • Detects intrusion attempts on an organization's internal network.
  • Ensures the cybersecurity of the device itself and provides ways to control connected devices.

Kaspersky IoT Secure Gateway can also work as a network firewall DHCPservers address converter (NAT).

Cyber ​ ​ immunity is an approach to developing secure IT solutions based on KasperskyOS. Such solutions are protected from the overwhelming number of cyber attacks (both existing and still unknown) and will perform their critical functions even in an aggressive environment, Kaspersky Lab explained.

Renaming IKS1000GP to Kaspersky IoT Secure Gateway 100

In April 2021, the gateway for internet of things IKS1000GP was renamed Kaspersky IoT Secure Gateway 100.

2020: Announcement of the IKS1000GP

On April 1, 2020, the company NPO Adaptive Industrial Technologies (APROTECH) announced that it had developed a software and hardware complex for IKS1000GP, which is designed to collect and process "raw" (industrial data gateway - industrial internet of things IIoT GateWay). This solution is based on KasperskyOS the company's equipment. " Siemens It has great export potential, because end-to-end digital services based on trusted industrial data and built on an open cloudy platform.

File:Aquote1.png
For April 2020, at the level of production sites around the world, a very large amount of data can be collected on the state of equipment, environmental parameters and even personnel conditions. However, in practice, 85% of industrial equipment remains unconnected. One of the reasons is the lack of complete confidence in the reliability of the data collected. If the data are collected using our gateway directly from industrial equipment, then almost all of them can form the basis of subsequent analysis. This will allow you to detect or predict a variety of events that have not previously been identified anomalies, greatly reducing the number of unplanned production shutdowns and creating prerequisites for business models.

told Andrey Suvorov, Director General of NPO "Adaptive Industrial Technologies"
File:Aquote2.png

According to the company, the developed software and hardware complex receives information from industrial equipment, including machines, conveyors, engines and turbines. Then it aggregates data streams in real time and prepares them for use by industrial Internet of Things (IIoT) platforms. An important advantage of using the gateway is the ability to safely transfer industrial data to a remote site of the enterprise. Thus, human actions in the production circuit are minimized, and expert assessment of data (interpretation of complex events, identification of hidden patterns and anomalies, and so on) can be carried out online by a small group of specialists or using machine learning technologies.

File:Aquote1.png
When connecting industrial equipment to analytical processing platforms or IIoT platforms, it is important to prevent data substitution. This can both entail erroneous decisions and create the risk of illegitimate access to physical equipment. As of April 2020, a large number of interconnected sensors and controllers that produce a stream of industrial data cannot be protected by superimposed cybersecurity solutions . That is why the gateway is based on KasperskyOS.

told Evgeny Kaspersky, CEO of Kaspersky Lab
File:Aquote2.png

The gateway assumes two main ways to store and process data. In the first case, the software and hardware complex transmits information to the cloud, which is located in the Siemens data processing center. In the second, the customer can create his own private cloud, in which case the information will definitely not be transmitted outside the enterprise perimeter.

The first version of the gateway IKS1000GP created on the commercially available SIMATIC hardware platform IoT2040 Siemens, to which KasperskyOS was ported. Based on this operating system, the developers of the Kaspersky Lab subsidiary and ITELMA have made five different software components responsible for interacting with the cloud platform of the industrial Internet, receiving data from equipment and used for configuration and management. The use of the IKS1000GP gateway allows you to build end-to-end information services that connect the level of production equipment with the processes of managing operational efficiency of production - and thereby reveal the economic potential of industrial data.

File:Aquote1.png
The use of end-to-end digital services based on industrial data is primarily a transition to updated business models that are more flexible, transparent and efficient. They also open up opportunities for the inclusion of enterprises and service companies in industry and global production chains, which is especially important for the development of the Russian industry[1].

told Alexander Liberov, President of Siemens in Russia
File:Aquote2.png

Notes